U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 789 matching records. Displaying matches 101 through 120.

Name (Version) Target Authority Last Modified Resources
CIS Microsoft Windows 11 Stand-alone Benchmark (2.0.0) Microsoft Windows 11
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Microsoft Windows 11 Stand-alone Benchmark v2.0.0
CIS VMware ESXi 5.1 Benchmark (1.0.1) VMware ESXi 5.1
Center for Internet Security (CIS)
04/19/2024 Prose - CIS VMware ESXi 5.1 Benchmark v1.0.1
CIS pfSense Firewall Benchmark (1.1.0) Pfsense Firewall
Center for Internet Security (CIS)
04/19/2024 Prose - CIS pfSense Firewall Benchmark v1.1.0
CIS RHEL8 on IBM Z Linux Benchmark (1.0.0) Red Hat Enterprise Linux 8.0
Center for Internet Security (CIS)
04/19/2024 Prose - CIS RHEL8 on IBM Z Linux Benchmark v1.0.0
CIS MIT Kerberos 1.10 Benchmark (1.0.0) MIT Kerberos 5
Center for Internet Security (CIS)
04/19/2024 Prose - CIS MIT Kerberos 1.10 Benchmark v1.0.0
Google Android 14 BYOAD STIG (Y24M03) Google Android 14
Defense Information Systems Agency
04/19/2024 Standalone XCCDF 1.1.4 - Google Android 14 BYOAD STIG
Oracle Linux 7 STIG (Ver 2, Rel 14) Oracle Linux 7
Defense Information Systems Agency
04/19/2024 SCAP 1.2 Content - Oracle Linux 7 STIG Benchmark - Ver 2, Rel 14
Automated Content - SCC 5.9 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64
Automated Content - SCC 5.9 RHEL 8/Oracle Linux 8 Aarch64
Automated Content - SCC 5.9 RHEL 8/Oracle Linux 8 x86 64
Automated Content - SCC 5.9 RHEL 9/Oracle Linux 9 x86 64
Standalone XCCDF 1.1.4 - Oracle Linux 7 STIG - Ver 2, Rel 14
CIS Ubuntu Linux 22.04 LTS Benchmark (1.0.0) Ubuntu Linux 22.04
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Ubuntu Linux 22.04 LTS Benchmark v1.0.0
CIS Ubuntu Linux 14.04 LTS Benchmark (2.1.0) Ubuntu Linux 14.04
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Ubuntu Linux 14.04 LTS Benchmark v2.1.0
CIS Microsoft Windows 10 Enterprise Release 20H2 Benchmark (1.10.1) Microsoft Windows 10 20H2
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Microsoft Windows 10 Enterprise Release 20H2 Benchmark v1.10.1
CIS Rocky Linux 8 Benchmark (2.0.0) Rocky Linux 8.0
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Rocky Linux 8 Benchmark v2.0.0
CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark (1.11.0) Microsoft Windows 10 21H1
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark v1.11.0
CIS MongoDB 6 Benchmark (1.1.0) MongoDB 6.0.0
Center for Internet Security (CIS)
04/19/2024 Prose - CIS MongoDB 6 Benchmark v1.1.0
CIS Rocky Linux 9 Benchmark (1.0.0) Rocky Linux 9.0
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Rocky Linux 9 Benchmark v1.0.0
CIS Microsoft Windows Server 2022 Benchmark (2.0.0) Microsoft Windows Server 2022
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Microsoft Windows Server 2022 Benchmark v2.0.0
CIS IBM i V7R3M0 Benchmark (1.0.0) IBM i System
Center for Internet Security (CIS)
04/19/2024 Prose - CIS IBM i V7R3M0 Benchmark v1.0.0
CIS Oracle Linux 6 Benchmark (2.0.0) Oracle Linux 6
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Oracle Linux 6 Benchmark v2.0.0
CIS SUSE Linux Enterprise 11 Benchmark (2.1.1) SuSE Linux Enterprise Server 11
Center for Internet Security (CIS)
04/19/2024 Prose - CIS SUSE Linux Enterprise 11 Benchmark v2.1.1
CIS Ubuntu Linux 18.04 LXD Host Benchmark (1.0.0) Canonical Ubuntu Linux 18.04 LTS
Center for Internet Security (CIS)
04/19/2024 Prose - CIS Ubuntu Linux 18.04 LXD Host Benchmark v1.0.0
CIS RedHat OpenShift Container Platform v4 Benchmark (1.1.0) Red Hat OpenShift Container Platform 4.12
Center for Internet Security (CIS)
04/19/2024 Prose - CIS RedHat OpenShift Container Platform v4 Benchmark v1.1.0
* This checklist is still undergoing review for inclusion into the NCP.